InfoSec LAB

Billyboss_WESNG

Created: 2 min read

Windows Exploit Suggester Next Generation

Checking the target system for vulnerabilities with wesng

┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/billyboss]
└─$ wes ./sysinfo -e
WARNING:root:chardet module not installed. In case of encoding errors, install chardet using: pip3 install chardet
Windows Exploit Suggester 1.03 ( https://github.com/bitsadmin/wesng/ )
[+] Parsing systeminfo output
[+] Operating System
    - Name: Windows 10 Version 1903 for x64-based Systems
    - Generation: 10
    - Build: 18362
    - Version: 1903
    - Architecture: x64-based
    - Installed hotfixes (6): KB4552931, KB4497165, KB4497727, KB4537759, KB4552152, KB4540673
[+] Loading definitions
    - Creation date of definitions: 20250228
[+] Determining missing patches
[+] Applying display filters
[!] Found vulnerabilities!
 
Date: 20200512
CVE: CVE-2020-0646
KB: KB4532938
Title: .NET Framework Remote Code Execution Injection Vulnerability
Affected product: Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for x64-based Systems
Affected component: .NET Framework
Severity: Critical
Impact: Remote Code Execution
Exploits: http://packetstormsecurity.com/files/156930/SharePoint-Workflows-XOML-Injection.html, http://packetstormsecurity.com/files/156930/SharePoint-Workflows-XOML-Injection.html
 
Date: 20200313
CVE: CVE-2020-0796
KB: KB4551762
Title: Windows SMBv3 Client/Server Remote Code Execution Vulnerability
Affected product: Windows 10 Version 1903 for x64-based Systems
Affected component: Windows SMB
Severity: Critical
Impact: Remote Code Execution
Exploits: http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html, http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html, http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html, http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html
 
Date: 20200313
CVE: CVE-2020-0796
KB: KB4551762
Title: Windows SMBv3 Client/Server Remote Code Execution Vulnerability
Affected product: Windows 10 Version 1903 for x64-based Systems
Affected component: Windows SMB
Severity: Critical
Impact: Remote Code Execution
Exploits: http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html, http://packetstormsecurity.com/files/156732/Microsoft-Windows-SMB-3.1.1-Remote-Code-Execution.html, http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html, http://packetstormsecurity.com/files/157110/SMBv3-Compression-Buffer-Overflow.html
 
Date: 20200714
CVE: CVE-2020-1147
KB: KB4578974
Title: .NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability
Affected product: Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for x64-based Systems
Affected component: .NET Framework
Severity: Critical
Impact: Remote Code Execution
Exploits: http://packetstormsecurity.com/files/158694/SharePoint-DataSet-DataTable-Deserialization.html, http://packetstormsecurity.com/files/158876/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html, http://packetstormsecurity.com/files/163644/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html, https://www.exploitalert.com/view-details.html?id=35992, http://packetstormsecurity.com/files/158694/SharePoint-DataSet-DataTable-Deserialization.html, https://www.exploitalert.com/view-details.html?id=35992, http://packetstormsecurity.com/files/163644/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html, http://packetstormsecurity.com/files/158876/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html
 
Date: 20200714
CVE: CVE-2020-1147
KB: KB4578974
Title: .NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability
Affected product: Microsoft .NET Framework 3.5 AND 4.8 on Windows 10 Version 1903 for x64-based Systems
Affected component: .NET Framework
Severity: Critical
Impact: Remote Code Execution
Exploits: http://packetstormsecurity.com/files/158694/SharePoint-DataSet-DataTable-Deserialization.html, http://packetstormsecurity.com/files/158876/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html, http://packetstormsecurity.com/files/163644/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html, https://www.exploitalert.com/view-details.html?id=35992, http://packetstormsecurity.com/files/158694/SharePoint-DataSet-DataTable-Deserialization.html, https://www.exploitalert.com/view-details.html?id=35992, http://packetstormsecurity.com/files/163644/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html, http://packetstormsecurity.com/files/158876/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html
 
[-] Missing patches: 3
    - KB4551762: patches 2 vulnerabilities
    - KB4578974: patches 2 vulnerabilities
    - KB4532938: patches 1 vulnerability
[I] KB with the most recent release date
    - ID: KB4578974
    - Release date: 20200714
[+] Done. Displaying 5 of the 154 vulnerabilities found.

CVE-2020-0796

Interactive Graph View

Backlinks